Back To Course Home

Creating Long-Lived Web Apps with Ruby on Rails

0% completed

Prologue

Introduction to Course

Getting Started

Introduction to Sustainability Assumptions Opportunity and Carrying Costs

The Rails Application Architecture

Architecture of Our Rails Application and Its Boundaries Views and Models Pros and Cons of the Rails Application Architecture Typographic Conventions Quiz: The Rails Application Architecture

Start Our App Off Right

Creating a Rails App Using the Environment for Runtime Configuration Configuring Local Development Environment with dotenv Automating Application Setup with the bin/setup Command Running the Application with the bin/run Command Putting Tests and Other Quality Checks in the bin/ci command Improving Production Logging with lograge Quiz: Start Our App Off Right

Business Logic

Business Logic Makes Our App Special and Complex Business Logic Is a Magnet for Complexity Bugs in Commonly-Used Classes Have Wide Effects Business Logic and Complexity in Critical Classes Example Design of a Feature Quiz: Business Logic

Routes and URLs

Use Canonical Routes to Conform Rails’ Defaults Never Configure Routes That Aren’t Being Used Vanity URLs Should Redirect to a Canonical Route Don’t Create Custom Actions, Create More Resources Use Nested Routes Strategically Namespacing Might Be an Architecture Nested Routes Can Organize Content Pages Quiz: Routes and URLs

HTML Templates

Semantic HTML and Views Using Meaningful Tags Tags for Styling Exposure of Variables Reference Data, Global Context, and UI State Are Exceptions Reusable Components Just Use ERB Quiz: HTML Templates

Helpers

Don’t Conflate Helpers with the Domain Helpers Are Best at Exposing Global UI State Define Helpers in As Few Locations as Possible Presenters, Decorators, and View Models Problems With Presenters Use Rails’ APIs to Generate Markup Helpers Should Be Tested and Testable Quiz: Helpers

CSS

Adopt a Design System Adopt a CSS Strategy A CSS Framework Object-Oriented CSS Functional CSS Create a Living Style Guide to Document Our Design System Quiz: CSS

Minimize JavaScript

Javascript Is a Serious Liability Embrace Server-Rendered Rails Views The Architecture of the Jamstack Tweak Turbo to Provide a Slightly Better Experience Quiz: Minimizing JavaScript

Carefully Manage the JavaScript We Need

Embrace Plain JavasScript for Basic Interactions Carefully Choose One Framework Ensure System Tests Fail When JavaScript Is Broken

Testing the View

Understand the Value and Cost of Tests Use :rack_test for Non-JavaScript User Flows Test Against Default Markup and Content Initially Cultivate Explicit Diagnostic Tools to Debug Test Failures Fake the Back-End to Get System Tests Passing Use data-testid Attributes to Combat Brittle Tests Test JavaScript Interactions with a Real Browser Writing a Browser-Driven System Test Case Quiz: Testing the View

Models I

Active Record Is for Database Access Creating Some Example Active Records Model the Database with Active Record’s DSL Database Operations with Class Methods Instance Methods Should Implement Domain Concepts from the DB Active Model Is for Resource Modeling Quiz: Models I

The Database

Logical and Physical Data Models Create a Logical Model to Build Consensus Planning the Physical Model to Enforce Correctness Use a SQL Schema Planning the Physical Model Creating Correct Migrations Creating the Migration File and Helper Scripts Iteratively Writing Migration Code to Create the Correct Schema Writing Tests for Database Constraints Quiz: The Database

Business Logic Code is a Seam

Business Logic Code Must Reveal Behavior Explicitly-Named Classes with Explicitly-Named Methods Return Rich Result Objects, Not Booleans or Active Records Implementation Patterns We Might Want to Avoid Quiz: Business Logic Code Is a Seam

Models II

Validations Don’t Provide Data Integrity Validations Are Awesome for User Experience How to Use Callbacks Model Testing Strategies Create Valid Instances of the Model Using Factory Bot Quiz: Models II

End-to-End Testing

Example Requirements Building the UI First Create Useful Seed Data for Development Sketch the UI Using Semantic Tags Provide Basic Polish Style the Form Style Error States Writing a System Test Sketch Business Logic and Define the Seam Fully Implement and Test Business Logic Finished Implementation Reflecting on What We’ve Built Quiz: End-to-End Testing

Controllers

Controller Code Is Configuration Don’t Over-Use Callbacks Controllers Should Convert Parameters to Richer Types Don’t Over Test Implementing a Basic Confidence-Checking System Quiz: Controllers

Jobs

Overview of the Jobs Web Workers, Memory, and Network Calls Background Jobs Sidekiq Is the Best Job Backend for Most Teams Queue Jobs Directly Job Code and Testing Strategies Jobs Must Be Idempotent Quiz: Jobs

Other Boundary Classes

Mailers Rake Tasks One Task Per File, Namespaces Match Directories Rake Tasks Should Not Contain Business Logic Mailboxes, Cables, and Active Storage Quiz: Other Boundry Classes

Authentication and Authorization beyond Rails

When in Doubt, Use Devise or OmniAuth Use OmniAuth to Authenticate Using a Third Party Authorization and Role-Based Access Controls Use CanCanCan to Implement Role-Based Access Test Access Controls in System Tests Quiz: Authentication and Authorization Beyond Rails

API Endpoints

What and Who Our API Is for Write APIs the Same Way We Write Other Code Use the Simplest Authentication System Use the Simplest Content Type We Can Just Put the Version in the URL Use .to_json to Create JSON Customizing JSON Serialization Customize JSON in the Models Themselves Always Use a Top Level Key Test API Endpoints Quiz: API Endpoints

Sustainable Process and Workflows

Use Continuous Integration to Deploy What is CI?CI Should Be Based on bin/setup and bin/ci Frequent Dependency Updates A Versioning Policy Automate Dependency Updates Leverage Generators and Templates over Documentation RubyGems and Railties Can Distribute Configuration Quiz: Sustainable Processes and Workflows

Operations

Why Observability Matters

Monitor Business Outcomes

Logging Is Powerful

Include a Request ID in All Logs

Log What Something Is and Where It Came From

Manage Unhandled Exceptions

Measure Performance

Managing Secrets, Keys, and Passwords

Quiz: Operations

Conclusion

Appendices

Software Versions and Sample Code Setting Up Docker for Local Development Monoliths, Microservices, and Shared Databases

Managing Secrets, Keys, and Passwords

Learn about managing secrets, keys, and passwords.

We'll cover the following

Safeguarding sensitive data

In the first section of this course, we hand-waved over managing sensitive values that must be stored in the app’s UNIX environment in production. Let’s talk about that now.

The short answer is, of course, that it depends. The other thing to understand is that we cannot absolutely prevent unauthorized access to our secrets. No system can absolutely prevent the exfiltration of sensitive data.

Get hands-on with 1200+ tech skills courses.